Privacy Policy
Last updated: 2026-05-31. This policy is written first for users in mainland China, in accordance with the Personal Information Protection Law of the People's Republic of China (PIPL) and the Interim Measures for the Management of Generative AI Services.
1. What we collect
- Person photo (sensitive personal information): the photo you upload of yourself, including identifiable facial and body features. Per PIPL §28, this counts as sensitive personal information.
- Account info: only collected if you sign up — email and a hashed password.
- Usage logs: request timestamps, quota counts, client IP prefix (masked to /24). Image URLs in logs are short-lived signed URLs that expire.
2. Legal basis for single consent
Per PIPL §29, processing sensitive personal information requires a separate, explicit consent. That is why you must tick the "Personal Information Processing Notice" box independently before each upload — it cannot be bundled into a generic Terms acceptance. Every tick produces an audit record (timestamp, text hash, IP prefix) retained as legal evidence. If we update the notice wording, previous consents are automatically invalidated and you must re-tick.
3. Purpose limitation
Your photo is used only for this image analysis. By default we do not use it for model training, and we do not use it for other users' analyses. If a future feature ever needs your photo for training, we will ask for separate consent at that point.
4. Third-party processors
| Processor | Purpose | Operator / Jurisdiction | Data received |
|---|---|---|---|
| Google Gemini API | Multimodal vision analysis, report copy generation | Google LLC (USA) | Your uploaded photo + user goal tags |
| RunningHub | "Try-on look" rendering (on demand) | RunningHub (China) | Photo + garment image, only when you click "See look" |
| Object storage operator | Storage of originals and derivatives (try-on images) | Alibaba Cloud OSS · Alibaba Cloud Computing (China · East China / Shanghai) | Originals, try-on / outfit images, thumbnails (per §8 retention) |
5. AI-generated content labelling
Every "look render" image produced by the look-render module carries dual labelling:
- Visible watermark: a non-removable "AI 生成 · AI-Generated" stamp burned into the bottom-right corner. Persists in downloads, share cards and thumbnails.
- EXIF metadata: exported files carry
AIGenerated=trueplus generation time and model identifier. - Page label: the report page explicitly notes "the following image is an AI-synthesised preview, for reference only".
This requirement follows the Interim Measures for Generative AI Services §12 and the Deep Synthesis regulation.
6. Minors
This service does not collect personal information of minors (PIPL §31). The system automatically rejects photos that appear to depict a minor; the guardian-consent flow is not implemented in this version. The system does not output age estimates (e.g. "looks like X years old").
7. Your rights
- Access & copy: signed-in users can review their history in the dashboard.
- Correction: account info is editable from the dashboard; analysis results can be regenerated by re-uploading.
- One-click delete: tap "Delete" on any report card in the dashboard to wipe the original photo, derivatives, report JSON, recommended products and share token together. The deletion request is recorded in a 6-month compliance audit log (hashes only, never the original photo).
- Withdraw consent: deleting all history is treated as withdrawal of single consent; you will need to re-tick on the next upload.
8. Retention
- Registered users' originals: auto-deleted after 30 days.
- Guest originals: auto-deleted after 24 hours.
- Report JSON / recommendations: cleared on the same schedule as the originals.
- Usage logs: 90 days.
- Compliance audit logs (consent / deletion): 6 months, kept as legal evidence.
9. Cross-border transfer disclosure
When your photo is sent to the Google Gemini API for analysis, the data is transmitted to Google LLC's global infrastructure (including Google Cloud nodes in the United States). Per PIPL §38 we hereby disclose the existence, purpose, scope and recipient jurisdiction of this cross-border transfer. If you do not wish to consent to this transfer, please do not upload a photo.
10. International edition placeholder
This policy is written for users in mainland China. If we publish dedicated EU / UK / Japan editions in future, separate GDPR / UK ICO / APPI compliance notices will accompany them. The MVP does not expand on those today.
Contact: questions about this policy → [email protected].
© 2026 NiShow · nishow.com · Privacy Policy · last updated 2026-05-31